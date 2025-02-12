Money Report

These are the 50 most common four-digit PINs leaked on the dark web—make sure none of them are yours

By Tom Huddleston Jr., CNBC

Tomas Rodriguez | Corbis | Getty Images

Choosing a phone PIN code that's easy to remember might be a time-saver. It's also a potential security risk.

If your phone or another device is lost or stolen, an easily-guessed PIN code makes it easier for someone to unlock the device and access the personal or financial information stored within. The same goes for your ATM PIN, if you lose your debit card.

And the most common four-digit PIN found in data breaches is also a highly guessable one: the simple "1234," according to a recent Australian Broadcasting Corporation analysis of data from HaveIBeenPwned.com, which which has a database of more than 320 million passwords and PINs aggregated from past leaks.

Some PINs on the report's list are only slightly more complex. Thirty of the 50 most commonly leaked four-digit PINs start with "19" or "20," potentially indicating someone's birth year — relatively simple to decode, if you once posted about your birthday on social media.

Other common formats include repeating numbers, like "1111" and "0000." There's also "1342," a rearrangement of the most-common PIN, and "2580," which draws a straight line down the middle of most numerical keypads.

Here are the 50 most common four-digit PIN codes, according to the analysis:

  1. 1234
  2. 1111
  3. 0000
  4. 1342
  5. 1212
  6. 2222
  7. 4444
  8. 1122
  9. 1986
  10. 2020
  11. 7777
  12. 5555
  13. 1989
  14. 9999
  15. 6969
  16. 2004
  17. 1010
  18. 4321
  19. 6666
  20. 1984
  21. 1987
  22. 1985
  23. 8888
  24. 2000
  25. 1980
  26. 1988
  27. 1982
  28. 2580
  29. 1313
  30. 1990
  31. 1991
  32. 1983
  33. 1978
  34. 1979
  35. 1995
  36. 1994
  37. 1977
  38. 1981
  39. 3333
  40. 1992
  41. 1975
  42. 2005
  43. 1993
  44. 1976
  45. 1996
  46. 2002
  47. 1973
  48. 2468
  49. 1998
  50. 1974

If any of the above PIN codes match your own, you'd be wise to consider changing things up. Your phone and debit card will be more secure if you choose a more obscure PIN, even if it isn't as easy for you to remember at first.

Data breaches affected more than 1.3 billion people around the world last year, according to the Identity Theft Resource Center. The Federal Trade Commission suggests using at least a six-digit PIN for your devices, if possible, and use any available fingerprint or facial scanning technologies for added security.

Some devices might limit the length of your PIN options, so the U.S. Cybersecurity & Infrastructure Security Agency recommends you pick a random and unique PIN, avoiding obvious patterns or sequences with personal connections.

Be careful using the same PIN for multiple devices or accounts, too: If someone correctly guesses one of your PINs, they'll likely try to use it again if they can.

